CVE-2011-3951

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2011-3951

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2011-3951.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2011-3951

Downstream

DEBIAN-CVE-2011-3951

DSA-2494-1

Published

2012-08-20T18:55:02Z

Modified

2025-08-09T20:01:25Z

Summary

[none]

Details

The dpcmdecodeframe function in dpcm.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted stereo stream in a media file.

References

http://www.debian.org/security/2012/dsa-2494
http://www.ubuntu.com/usn/USN-1479-1
http://ffmpeg.org/
http://git.libav.org/?p=libav.git%3Ba=commit%3Bh=ce7aee9b733134649a6ce2fa743e51733f33e67e
http://libav.org/

CVE-2011-3951

Affected packages